Two factor authentication is one technique used to ensure access is only granted to authorized users. In two factor authentication, a user is required to provide two authentication parameters. For example, one parameter might be a password or a PIN known to the user and to the authentication server or computing device.
A second factor might be a dynamic credential. For example, a user might be required to carry a key fob or other device having a display which provides a fixed length number. The number might change periodically such as every 60 seconds. The algorithm used to generate the dynamic credential is known to both the key fob and the authentication server or computing device, and thus if the same seed, such as a current time, is used, the number should match in both locations. The current time may be based on a mutually known time, such as a network time received from a network element, a clock on a device that is periodically synchronized, the exchange of the current time between a reader and a device, among other possibilities.
Currently a user must input the number that is seen on the key fob for the second factor of the two factor authentication. The entering of a number is both cumbersome and prone to errors.
Other examples of two factor authentication also exist. For example, challenge response tokens may have a host send a random challenge and the token perform some computation based on a secret key to generate a response. The host has related knowledge of the secret key and can thus verify the response. Similar to time based tokens, the response must be entered, which is again cumbersome and prone to error.